Web-based Distributed Authoring and Versioning, or WebDAV, is a set of extensions to the Hypertext Transfer Protocol (HTTP) that allows users to edit and manage files collaboratively on remote World Wide Web servers.Installing WebDAV in debian

First install apache using the following command

#aptitude install apache2

Enable the WebDAV modules using the following commands

#a2enmod dav_fs

#a2enmod dav

Restart Apache server

#/etc/init.d/apache2 restart

Creating A Virtual Hostin Apache

Now create a default Apache vhost in the directory /var/www/webdav. We will modify the default Apache vhost configuration in /etc/apache2/sites-available/default. If you already have a vhost for which you'd like to enable WebDAV, you must adjust this tutorial to your situation.

First, we create the directory /var/www/webdav and make the Apache user (www-data) the owner of that directory

#mkdir -p /var/www/webdav

#chown www-data /var/www/webdav

Then we back up the default Apache vhost configuration (/etc/apache2/sites-available/default) and create our own one

The Alias directive makes (together with <Location>) that when you call /webdav, WebDAV is invoked, but you can still access the whole document root of the vhost.

Reload Apache server

#/etc/init.d/apache2 reload

Testing your WebDAV

We will now install cadaver,cadaver is a command-line WebDAV client for Unix. It supports file upload, download, on-screen display, namespace operations (move/copy), collection creation and deletion, and locking operations.

#apt-get install cadaver

To test if WebDAV works use the following command

#cadaver http://localhost/webdav/

You should be prompted for a user name. Type in test and then the password for the user testnew. If all goes well, you should be granted access which means WebDAV is working ok. Type quit to leave the WebDAV shell.

3 Responses to “WebDAV With Apache2 On Debian 5.0 (Lenny)”

Never, **never**, put password files under a web accesible directory.
In this example, any user can take passwd.dav file via http request.
Passwords for all users are not directly readable (there are “crypted”),
but it’s easy to crack it using brute force and/or dictionary attack
(and there are a lot of tools to do that out there).

Safe place for that file could be /var/www/passwd.dav or even better (i
think) /etc/apache2/passwd.dav